Wolfgang Woehl wrote:
Donnerstag, 7. Februar 2008 Randall R Schulz:
On Thursday 07 February 2008 14:07, Wolfgang Woehl wrote:
Randall, for brevity's sake, it can do whatever an ELF LSB executable chooses to in your backyard. No, that is not so. Can you point me to a known exploit on Firefox (e.g.) that allows execution of arbitrary code? 'Cause that's what you're claiming.
I'm saying any app could.
By what mechanism? Other than *very* *old*, uncorrected code with buffer-overflow vulnerabilities, due to calls to strcat(3) instead of strncat(3), and similar pitfalls which are now very well understood since the first use in th 1987 Morris Worm, you have to provide some hard documentation (i.e. code sections) to make your point here. These days, nobody writing code for Firefox is using strcat(). In fact, I would not be surprised if the dev team had a specific filter written to find any uses of strcat() so that they can be replaced with strncat(), and the same for other, similarly vulnerable buffer copying functions with their -n- sister functions. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org